Bug #60613 SYS_TABLES is accessed before recv_recovery_from_checkpoint_finish() may crash
Submitted: 24 Mar 2011 3:29 Modified: 16 Jan 2013 19:53
Reporter: Yasufumi Kinoshita Email Updates:
Status: Verified Impact on me:
Category:MySQL Server: InnoDB storage engine Severity:S3 (Non-critical)
Version:5.0, 5.1.56, 5.1.67 OS:Any
Assigned to: CPU Architecture:Any

[24 Mar 2011 3:29] Yasufumi Kinoshita
There seems to be possibility to fail recovery of InnoDB (builtin).


InnoDB: Failing assertion: btr_page_get_prev(next_page, mtr) == buf_frame_get_page_no(page)

#0  0x00000032a4c30265 in raise () from /lib64/libc.so.6
#1  0x00000032a4c31d10 in abort () from /lib64/libc.so.6
#2  0x000000000041daa5 in btr_pcur_move_to_next_page (cursor=0x7fff6e41f710, mtr=0x7fff6e41f250) at btr/btr0pcur.c:402
#3  0x00000000004428f2 in btr_pcur_move_to_next_user_rec (in_crash_recovery=1) at ../../storage/innobase/include/btr0pcur.ic:329
#4  dict_check_tablespaces_and_store_max_id (in_crash_recovery=1) at dict/dict0load.c:260
#5  0x00000000004bd60e in innobase_start_or_create_for_mysql () at srv/srv0start.c:1537

SYS_TABLES internal table seems to be scanned before all transaction logs are applied.

How to repeat:
It is possibility.
I don't know how to repeat 100%.

Suggested fix:
recv_recovery_from_checkpoint_finish() before dict_check_tablespaces_and_store_max_id() like InnoDB-plugin.
[11 Jan 2012 15:50] Valeriy Kravchuk
See bug #59910 also.
[13 Mar 2012 19:43] Sveta Smirnova

bug #59910 with similar symptom during MEB restore is not repeatable now. Is it fixed in latest InnoDB code?
[14 Mar 2012 0:15] Yasufumi Kinoshita

mysql-5.1/storage/innobase/srv/srv0start.c has the code still.

                        TODO: We may have incomplete transactions in the
                        data dictionary tables. Does that harm the scanning of
                        the data dictionary below? */




Does MEB use the built-in InnoDB's recovery code?
[22 Mar 2012 19:37] Sveta Smirnova

yes, it does. But it lately started to use 5.5, so probably this is the reason for fix of second bug.
[16 Jan 2013 19:53] Sveta Smirnova
I think this should be verified finally: code still exists in 5.1 and solution of MEB bug can prove this could lead to crash.